packages/mozjs78
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

init

Browse Source
This commit is contained in:
Jiayi Yin 2025-03-17 06:18:47 +00:00
commit ebbb360b11
22 changed files with 37582 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

94
CVE-2021-29946.patch Normal file
View File

@ -0,0 +1,94 @@
From e8f9f3b8869e7cd0db4f84d05ebb42c1ccd06395 Mon Sep 17 00:00:00 2001
From: Frederik Braun <fbraun@mozilla.com>
Date: Fri, 19 Mar 2021 14:08:03 +0000 (2021-03-19)
Subject: [PATCH] CVE-2021-29946
---
netwerk/base/nsIOService.cpp | 2 +-
netwerk/test/unit/test_altsvc.js | 57 ++++++++++++++++++++++++++++++++
2 files changed, 58 insertions(+), 1 deletion(-)
diff --git a/netwerk/base/nsIOService.cpp b/netwerk/base/nsIOService.cpp
index 79abb1310f..f72cdf02b8 100644
--- a/netwerk/base/nsIOService.cpp
+++ b/netwerk/base/nsIOService.cpp
@@ -1406,7 +1406,7 @@ nsIOService::AllowPort(int32_t inPort, const char* scheme, bool* _retval) {
return NS_OK;
}
- if (port == 0) {
+ if (port <= 0 || port >= std::numeric_limits<uint16_t>::max()) {
*_retval = false;
return NS_OK;
}
diff --git a/netwerk/test/unit/test_altsvc.js b/netwerk/test/unit/test_altsvc.js
index 57d4357cb3..4c4eaba6b6 100644
--- a/netwerk/test/unit/test_altsvc.js
+++ b/netwerk/test/unit/test_altsvc.js
@@ -468,6 +468,63 @@ function doTest16() {
do_test_finished();
},
});
+ nextTest = doTest19;
do_test_pending();
doTest();
}
+
+// Check we don't connect to blocked ports
+function doTest19() {
+ dump("doTest19()\n");
+ origin = httpFooOrigin;
+ nextTest = testsDone;
+ otherServer = Cc["@mozilla.org/network/server-socket;1"].createInstance(
+ Ci.nsIServerSocket
+ );
+ const BAD_PORT_U32 = 6667 + 65536;
+ otherServer.init(BAD_PORT_U32, true, -1);
+ Assert.ok(otherServer.port == 6667, "Trying to listen on port 6667");
+ xaltsvc = "localhost:" + BAD_PORT_U32;
+ dump("Blocked port: " + otherServer.port);
+ waitFor = 500;
+ otherServer.asyncListen({
+ onSocketAccepted() {
+ Assert.ok(false, "Got connection to socket when we didn't expect it!");
+ },
+ onStopListening() {
+ // We get closed when the entire file is done, which guarantees we get the socket accept
+ // if we do connect to the alt-svc header
+ do_test_finished();
+ },
+ });
+ nextTest = doTest20;
+ do_test_pending();
+ doTest();
+}
+function doTest20() {
+ dump("doTest20()\n");
+ origin = httpFooOrigin;
+ nextTest = testsDone;
+ otherServer = Cc["@mozilla.org/network/server-socket;1"].createInstance(
+ Ci.nsIServerSocket
+ );
+ const BAD_PORT_U64 = 6666 + 429496729;
+ otherServer.init(6666, true, -1);
+ Assert.ok(otherServer.port == 6666, "Trying to listen on port 6666");
+ xaltsvc = "localhost:" + BAD_PORT_U64;
+ dump("Blocked port: " + otherServer.port);
+ waitFor = 500;
+ otherServer.asyncListen({
+ onSocketAccepted() {
+ Assert.ok(false, "Got connection to socket when we didn't expect it!");
+ },
+ onStopListening() {
+ // We get closed when the entire file is done, which guarantees we get the socket accept
+ // if we do connect to the alt-svc header
+ do_test_finished();
+ },
+ });
+ do_test_pending();
+ doTest();
+}
+
--
2.27.0

65
CVE-2021-45960.patch Normal file
View File

@ -0,0 +1,65 @@
From 342c6cc760e273fef7a411a5658594b51957725f Mon Sep 17 00:00:00 2001
From: hartwork <hartwork@gmail.com>
Date: Thu, 20 Jul 2023 13:46:51 +0800
Subject: [PATCH] CVE-2021-45960
---
parser/expat/lib/xmlparse.c | 32 ++++++++++++++++++++++++++++++--
1 file changed, 30 insertions(+), 2 deletions(-)
diff --git a/parser/expat/lib/xmlparse.c b/parser/expat/lib/xmlparse.c
index 3ee417387c..f81a68d2fc 100644
--- a/parser/expat/lib/xmlparse.c
+++ b/parser/expat/lib/xmlparse.c
@@ -3382,10 +3382,17 @@ storeAtts(XML_Parser parser, const ENCODING *enc,
/* END MOZILLA CHANGE */
int j; /* hash table index */
unsigned long version = nsAttsVersion;
- int nsAttsSize = (int)1 << nsAttsPower;
+ /* Detect and prevent invalid shift */
+ if (parser->m_nsAttsPower >= sizeof(unsigned int) * 8 /* bits per byte */) {
+ return XML_ERROR_NO_MEMORY;
+ }
+
+ unsigned int nsAttsSize = 1u << nsAttsPower;
+
/* BEGIN MOZILLA CHANGE (Include xmlns attributes in attributes array) */
if (nPrefixes) {
/* END MOZILLA CHANGE */
+ unsigned char oldNsAttsPower = parser->m_nsAttsPower;
/* size of hash table must be at least 2 * (# of prefixed attributes) */
if ((nPrefixes << 1) >> nsAttsPower) { /* true for nsAttsPower = 0 */
NS_ATT *temp;
@@ -3393,7 +3400,28 @@ storeAtts(XML_Parser parser, const ENCODING *enc,
while (nPrefixes >> nsAttsPower++);
if (nsAttsPower < 3)
nsAttsPower = 3;
- nsAttsSize = (int)1 << nsAttsPower;
+
+ /* Detect and prevent invalid shift */
+ if (parser->m_nsAttsPower >= sizeof(nsAttsSize) * 8 /* bits per byte */) {
+ /* Restore actual size of memory in m_nsAtts */
+ parser->m_nsAttsPower = oldNsAttsPower;
+ return XML_ERROR_NO_MEMORY;
+ }
+
+ nsAttsSize = 1u << parser->m_nsAttsPower;
+
+ /* Detect and prevent integer overflow.
+ * The preprocessor guard addresses the "always false" warning
+ * from -Wtype-limits on platforms where
+ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
+#if UINT_MAX >= SIZE_MAX
+ if (nsAttsSize > (size_t)(-1) / sizeof(NS_ATT)) {
+ /* Restore actual size of memory in m_nsAtts */
+ parser->m_nsAttsPower = oldNsAttsPower;
+ return XML_ERROR_NO_MEMORY;
+ }
+#endif
+
temp = (NS_ATT *)REALLOC(nsAtts, nsAttsSize * sizeof(NS_ATT));
if (!temp)
return XML_ERROR_NO_MEMORY;
--
2.27.0

125
CVE-2022-22740.patch Normal file
View File

@ -0,0 +1,125 @@
From c6649f32c4edf56f91541df6ae1d4bfe15d1179b Mon Sep 17 00:00:00 2001
From: Valentin Gosu <valentin.gosu@gmail.com>
Date: Wed, 29 May 2024 17:01:27 +0800
Subject: [PATCH] Make sure to null out ChannelEventQueue::mOwner when object is released
Conflict :NA
Reference:https://hg.mozilla.org/integration/autoland/rev/2c34e2c06639132ae6a00b440c8835b2a44f42ad
---
netwerk/ipc/ChannelEventQueue.cpp | 11 ++++++++++-
netwerk/ipc/ChannelEventQueue.h | 5 +++++
netwerk/protocol/http/HttpChannelChild.cpp | 1 +
netwerk/protocol/http/HttpChannelParent.cpp | 1 +
netwerk/protocol/http/HttpTransactionParent.cpp | 1 +
netwerk/protocol/websocket/WebSocketChannelChild.cpp | 1 +
.../extensions/webrequest/StreamFilterParent.cpp | 1 +
7 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/netwerk/ipc/ChannelEventQueue.cpp b/netwerk/ipc/ChannelEventQueue.cpp
index c02f892ba8..ba5235b62e 100644
--- a/netwerk/ipc/ChannelEventQueue.cpp
+++ b/netwerk/ipc/ChannelEventQueue.cpp
@@ -34,7 +34,12 @@ void ChannelEventQueue::FlushQueue() {
// Events flushed could include destruction of channel (and our own
// destructor) unless we make sure its refcount doesn't drop to 0 while this
// method is running.
- nsCOMPtr<nsISupports> kungFuDeathGrip(mOwner);
+ nsCOMPtr<nsISupports> kungFuDeathGrip;
+ {
+ MutexAutoLock lock(mMutex);
+ kungFuDeathGrip = mOwner;
+ }
+
mozilla::Unused << kungFuDeathGrip; // Not used in this function
#ifdef DEBUG
@@ -156,6 +161,10 @@ void ChannelEventQueue::ResumeInternal() {
nsCOMPtr<nsISupports> mOwner;
};
+ if (!mOwner) {
+ return;
+ }
+
// Worker thread requires a CancelableRunnable.
RefPtr<Runnable> event = new CompleteResumeRunnable(this, mOwner);
diff --git a/netwerk/ipc/ChannelEventQueue.h b/netwerk/ipc/ChannelEventQueue.h
index 650ee5b96f..aedbc00c63 100644
--- a/netwerk/ipc/ChannelEventQueue.h
+++ b/netwerk/ipc/ChannelEventQueue.h
@@ -171,6 +171,11 @@ class ChannelEventQueue final {
// dispatched in a new event on the current thread.
void Resume();
+ void NotifyReleasingOwner() {
+ MutexAutoLock lock(mMutex);
+ mOwner = nullptr;
+ }
+
private:
// Private destructor, to discourage deletion outside of Release():
~ChannelEventQueue() = default;
diff --git a/netwerk/protocol/http/HttpChannelChild.cpp b/netwerk/protocol/http/HttpChannelChild.cpp
index 2949f7f35c..ba06148c61 100644
--- a/netwerk/protocol/http/HttpChannelChild.cpp
+++ b/netwerk/protocol/http/HttpChannelChild.cpp
@@ -228,6 +228,7 @@ HttpChannelChild::~HttpChannelChild() {
mLoadInfo->RedirectChainIncludingInternalRedirects().Length(), flags);
}
#endif
+ mEventQ->NotifyReleasingOwner();
ReleaseMainThreadOnlyReferences();
}
diff --git a/netwerk/protocol/http/HttpChannelParent.cpp b/netwerk/protocol/http/HttpChannelParent.cpp
index 9ebae5fc7a..40ea4283cf 100644
--- a/netwerk/protocol/http/HttpChannelParent.cpp
+++ b/netwerk/protocol/http/HttpChannelParent.cpp
@@ -1058,6 +1058,7 @@ void HttpChannelParent::ContinueRedirect2Verify(const nsresult& aResult) {
mRedirectCallback->OnRedirectVerifyCallback(aResult);
mRedirectCallback = nullptr;
}
+ mEventQ->NotifyReleasingOwner();
}
mozilla::ipc::IPCResult HttpChannelParent::RecvDocumentChannelCleanup(
diff --git a/netwerk/protocol/http/HttpTransactionParent.cpp b/netwerk/protocol/http/HttpTransactionParent.cpp
index 041ecb804d..37d0e996c8 100644
--- a/netwerk/protocol/http/HttpTransactionParent.cpp
+++ b/netwerk/protocol/http/HttpTransactionParent.cpp
@@ -99,6 +99,7 @@ HttpTransactionParent::HttpTransactionParent(bool aIsDocumentLoad)
HttpTransactionParent::~HttpTransactionParent() {
LOG(("Destroying HttpTransactionParent @%p\n", this));
+ mEventQ->NotifyReleasingOwner();
}
//-----------------------------------------------------------------------------
diff --git a/netwerk/protocol/websocket/WebSocketChannelChild.cpp b/netwerk/protocol/websocket/WebSocketChannelChild.cpp
index a9b7a52bb7..e0d2b2137c 100644
--- a/netwerk/protocol/websocket/WebSocketChannelChild.cpp
+++ b/netwerk/protocol/websocket/WebSocketChannelChild.cpp
@@ -63,6 +63,7 @@ WebSocketChannelChild::WebSocketChannelChild(bool aEncrypted)
WebSocketChannelChild::~WebSocketChannelChild() {
LOG(("WebSocketChannelChild::~WebSocketChannelChild() %p\n", this));
+ mEventQ->NotifyReleasingOwner();
}
void WebSocketChannelChild::AddIPDLReference() {
diff --git a/toolkit/components/extensions/webrequest/StreamFilterParent.cpp b/toolkit/components/extensions/webrequest/StreamFilterParent.cpp
index 6632712fbf..aac58f2871 100644
--- a/toolkit/components/extensions/webrequest/StreamFilterParent.cpp
+++ b/toolkit/components/extensions/webrequest/StreamFilterParent.cpp
@@ -106,6 +106,7 @@ StreamFilterParent::~StreamFilterParent() {
NS_ReleaseOnMainThread("StreamFilterParent::mOrigListener",
mOrigListener.forget());
NS_ReleaseOnMainThread("StreamFilterParent::mContext", mContext.forget());
+ mQueue->NotifyReleasingOwner();
}
auto StreamFilterParent::Create(dom::ContentParent* aContentParent,
--
2.33.0

64
CVE-2022-25235.patch Normal file
View File

@ -0,0 +1,64 @@
From d4c2e1791d93c073308634aa15e5b11fd094c66d Mon Sep 17 00:00:00 2001
From: hartwork <hartwork@gmail.com>
Date: Mon, 1 Jul 2024 10:21:06 +0800
Subject: [PATCH] CVE-2022-25235
---
parser/expat/lib/xmltok.c | 7 -------
parser/expat/lib/xmltok_impl.c | 8 ++++++--
2 files changed, 6 insertions(+), 9 deletions(-)
diff --git a/parser/expat/lib/xmltok.c b/parser/expat/lib/xmltok.c
index f01c2fa996..d0e7f7f163 100644
--- a/parser/expat/lib/xmltok.c
+++ b/parser/expat/lib/xmltok.c
@@ -65,13 +65,6 @@
+ ((((byte)[2]) >> 5) & 1)] \
& (1u << (((byte)[2]) & 0x1F)))
-#define UTF8_GET_NAMING(pages, p, n) \
- ((n) == 2 \
- ? UTF8_GET_NAMING2(pages, (const unsigned char *)(p)) \
- : ((n) == 3 \
- ? UTF8_GET_NAMING3(pages, (const unsigned char *)(p)) \
- : 0))
-
/* Detection of invalid UTF-8 sequences is based on Table 3.1B
of Unicode 3.2: http://www.unicode.org/unicode/reports/tr28/
with the additional restriction of not allowing the Unicode
diff --git a/parser/expat/lib/xmltok_impl.c b/parser/expat/lib/xmltok_impl.c
index 5f779c0571..3bc0d85b8d 100644
--- a/parser/expat/lib/xmltok_impl.c
+++ b/parser/expat/lib/xmltok_impl.c
@@ -34,7 +34,7 @@
case BT_LEAD ## n: \
if (end - ptr < n) \
return XML_TOK_PARTIAL_CHAR; \
- if (!IS_NAME_CHAR(enc, ptr, n)) { \
+ if (IS_INVALID_CHAR(enc, ptr, n) || ! IS_NAME_CHAR(enc, ptr, n)) { \
*nextTokPtr = ptr; \
return XML_TOK_INVALID; \
} \
@@ -62,7 +62,7 @@
case BT_LEAD ## n: \
if (end - ptr < n) \
return XML_TOK_PARTIAL_CHAR; \
- if (!IS_NMSTRT_CHAR(enc, ptr, n)) { \
+ if (IS_INVALID_CHAR(enc, ptr, n) || ! IS_NMSTRT_CHAR(enc, ptr, n)) { \
*nextTokPtr = ptr; \
return XML_TOK_INVALID; \
} \
@@ -1090,6 +1090,10 @@ PREFIX(prologTok)(const ENCODING *enc, const char *ptr, const char *end,
case BT_LEAD ## n: \
if (end - ptr < n) \
return XML_TOK_PARTIAL_CHAR; \
+ if (IS_INVALID_CHAR(enc, ptr, n)) { \
+ *nextTokPtr = ptr; \
+ return XML_TOK_INVALID; \
+ } \
if (IS_NMSTRT_CHAR(enc, ptr, n)) { \
ptr += n; \
tok = XML_TOK_NAME; \
--
2.33.0

26
CVE-2022-34481.patch Normal file
View File

@ -0,0 +1,26 @@
From a928758612e67c4496bd9acf48bf66259c809782 Mon Sep 17 00:00:00 2001
From: Nika Layzell <nika@thelayzells.com>
Date: Tue, 07 Jun 2022 17:06:41 +0000 (24 months ago)
Subject: [PATCH] CVE-2022-34481
---
xpcom/ds/nsTArray.h | 3 +++
1 file changed, 3 insertions(+)
diff --git a/xpcom/ds/nsTArray.h b/xpcom/ds/nsTArray.h
index e368968359..61d7586233 100644
--- a/xpcom/ds/nsTArray.h
+++ b/xpcom/ds/nsTArray.h
@@ -2351,6 +2351,9 @@ auto nsTArray_Impl<E, Alloc>::ReplaceElementsAtInternal(index_type aStart,
if (MOZ_UNLIKELY(aStart > Length())) {
InvalidArrayIndex_CRASH(aStart, Length());
}
+ if (MOZ_UNLIKELY(aCount > Length() - aStart)) {
+ InvalidArrayIndex_CRASH(aStart + aCount, Length());
+ }
// Adjust memory allocation up-front to catch errors.
if (!ActualAlloc::Successful(this->template EnsureCapacity<ActualAlloc>(
--
2.27.0

1204
CVE-2023-29532.patch Normal file
View File

File diff suppressed because it is too large Load Diff

57
Fix-build-with-rust-nightly.patch Normal file
View File

@ -0,0 +1,57 @@
From 99c71d0db95b3626552a1375d5dfba22dc82ebfd Mon Sep 17 00:00:00 2001
From: lingsheng <lingsheng@huawei.com>
Date: Fri, 30 Apr 2021 17:11:51 +0800
Subject: [PATCH] Fix build with rust nightly
---
.cargo/config.in | 2 +-
Cargo.lock | 2 +-
Cargo.toml | 4 ++--
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/.cargo/config.in b/.cargo/config.in
index a40e667b5a..c95e6e016b 100644
--- a/.cargo/config.in
+++ b/.cargo/config.in
@@ -3,9 +3,9 @@
# Please do not edit.
[source."https://github.com/shravanrn/nix/"]
-branch = "r0.13.1"
git = "https://github.com/shravanrn/nix/"
replace-with = "vendored-sources"
+rev = "4af6c367603869a30fddb5ffb0aba2b9477ba92e"
[source."https://github.com/mozilla/rkv"]
git = "https://github.com/mozilla/rkv"
diff --git a/Cargo.lock b/Cargo.lock
index 0b61796d7d..e97e8d080b 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -3196,7 +3196,7 @@ dependencies = [
[[package]]
name = "nix"
version = "0.13.1"
-source = "git+https://github.com/shravanrn/nix/?branch=r0.13.1#4af6c367603869a30fddb5ffb0aba2b9477ba92e"
+source = "git+https://github.com/shravanrn/nix/?rev=4af6c367603869a30fddb5ffb0aba2b9477ba92e#4af6c367603869a30fddb5ffb0aba2b9477ba92e"
dependencies = [
"bitflags",
"cc",
diff --git a/Cargo.toml b/Cargo.toml
index 0b7ec008b8..910a62ee57 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -67,8 +67,8 @@ panic = "abort"
libudev-sys = { path = "dom/webauthn/libudev-sys" }
packed_simd = { git = "https://github.com/hsivonen/packed_simd", rev="3541e3818fdc7c2a24f87e3459151a4ce955a67a" }
rlbox_lucet_sandbox = { git = "https://github.com/PLSysSec/rlbox_lucet_sandbox/", rev="d510da5999a744c563b0acd18056069d1698273f" }
-nix = { git = "https://github.com/shravanrn/nix/", branch = "r0.13.1", rev="4af6c367603869a30fddb5ffb0aba2b9477ba92e" }
-spirv_cross = { git = "https://github.com/kvark/spirv_cross", branch = "wgpu3", rev = "20191ad2f370afd6d247edcb9ff9da32d3bedb9c" }
+nix = { git = "https://github.com/shravanrn/nix/", rev="4af6c367603869a30fddb5ffb0aba2b9477ba92e" }
+spirv_cross = { git = "https://github.com/kvark/spirv_cross", branch = "wgpu3" }
# failure's backtrace feature might break our builds, see bug 1608157.
failure = { git = "https://github.com/badboy/failure", rev = "64af847bc5fdcb6d2438bec8a6030812a80519a5" }
failure_derive = { git = "https://github.com/badboy/failure", rev = "64af847bc5fdcb6d2438bec8a6030812a80519a5" }
--
2.23.0

35278
Update-syn-and-proc-macro2-so-that-Firefox-can-build-on-Rust-nightly-again.patch Normal file
View File

File diff suppressed because one or more lines are too long

42
backport-CVE-2023-23599.patch Normal file
View File

@ -0,0 +1,42 @@
From fd34a58ac999727dde9fbe909953e1a9b5e34b04 Mon Sep 17 00:00:00 2001
From: s30028044 <sunhai10@huawei.com>
Date: Mon, 8 Apr 2024 19:41:26 +0800
Subject: [PATCH] CVE-2023-23599
---
devtools/client/netmonitor/test/browser_net_curl-utils.js | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/devtools/client/netmonitor/test/browser_net_curl-utils.js b/devtools/client/netmonitor/test/browser_net_curl-utils.js
index dbca31b..5258f5c 100644
--- a/devtools/client/netmonitor/test/browser_net_curl-utils.js
+++ b/devtools/client/netmonitor/test/browser_net_curl-utils.js
@@ -307,10 +307,10 @@ function testEscapeStringWin() {
"Double quotes should be escaped."
);
- const percentSigns = "%AppData%";
+ const percentSigns = "%TEMP% %@foo% %2XX% %_XX% %?XX%";
is(
CurlUtils.escapeStringWin(percentSigns),
- '""%"AppData"%""',
+ '"^%^TEMP^% ^%^@foo^% ^%^2XX^% ^%^_XX^% ^%?XX^%"',
"Percent signs should be escaped."
);
@@ -321,10 +321,10 @@ function testEscapeStringWin() {
"Backslashes should be escaped."
);
- const newLines = "line1\r\nline2\r\nline3";
+ const newLines = "line1\r\nline2\r\rline3\n\nline4";
is(
CurlUtils.escapeStringWin(newLines),
- '"line1"^\u000d\u000A\u000d\u000A"line2"^\u000d\u000A\u000d\u000A"line3"',
+ '"line1"^\r\n\r\n"line2"^\r\n\r\n""^\r\n\r\n"line3"^\r\n\r\n""^\r\n\r\n"line4"',
"Newlines should be escaped."
);
}
--
2.27.0

118
backport-CVE-2023-23601.patch Normal file
View File

@ -0,0 +1,118 @@
From 5d3ed1e2012322bff7593b7a508f89203d9cd3f9 Mon Sep 17 00:00:00 2001
From: s30028044 <sunhai10@huawei.com>
Date: Mon, 8 Apr 2024 19:50:07 +0800
Subject: [PATCH] CVE-2023-23601
---
dom/base/ContentAreaDropListener.jsm | 25 +++++++------------------
dom/events/DataTransfer.cpp | 11 +++++++++++
dom/events/DataTransfer.h | 3 +++
dom/webidl/DataTransfer.webidl | 7 +++++++
4 files changed, 28 insertions(+), 18 deletions(-)
diff --git a/dom/base/ContentAreaDropListener.jsm b/dom/base/ContentAreaDropListener.jsm
index 26764ac..adce0e1 100644
--- a/dom/base/ContentAreaDropListener.jsm
+++ b/dom/base/ContentAreaDropListener.jsm
@@ -261,30 +261,19 @@ ContentAreaDropListener.prototype = {
return true;
}
- let sourceNode = dataTransfer.mozSourceNode;
- if (!sourceNode) {
+ // If this is an external drag, allow drop.
+ let sourceWC = dataTransfer.sourceWindowContext;
+ if (!sourceWC) {
return true;
}
- // don't allow a drop of a node from the same document onto this one
- let sourceDocument = sourceNode.ownerDocument;
- let eventDocument = aEvent.originalTarget.ownerDocument;
- if (sourceDocument == eventDocument) {
+ // If drag source and drop target are in the same top window, don't allow.
+ let eventWC =
+ aEvent.originalTarget.ownerGlobal.browsingContext.currentWindowContext;
+ if (eventWC && sourceWC.topWindowContext == eventWC.topWindowContext) {
return false;
}
- // also check for nodes in other child or sibling frames by checking
- // if both have the same top window.
- if (sourceDocument && eventDocument) {
- if (sourceDocument.defaultView == null) {
- return true;
- }
- let sourceRoot = sourceDocument.defaultView.top;
- if (sourceRoot && sourceRoot == eventDocument.defaultView.top) {
- return false;
- }
- }
-
return true;
},
diff --git a/dom/events/DataTransfer.cpp b/dom/events/DataTransfer.cpp
index 4c623a2..e725e8d 100644
--- a/dom/events/DataTransfer.cpp
+++ b/dom/events/DataTransfer.cpp
@@ -435,6 +435,17 @@ already_AddRefed<nsINode> DataTransfer::GetMozSourceNode() {
return sourceNode.forget();
}
+already_AddRefed<WindowContext> DataTransfer::GetSourceWindowContext() {
+ nsCOMPtr<nsIDragSession> dragSession = nsContentUtils::GetDragSession();
+ if (!dragSession) {
+ return nullptr;
+ }
+
+ RefPtr<WindowContext> sourceWindowContext;
+ dragSession->GetSourceWindowContext(getter_AddRefs(sourceWindowContext));
+ return sourceWindowContext.forget();
+}
+
already_AddRefed<DOMStringList> DataTransfer::MozTypesAt(
uint32_t aIndex, CallerType aCallerType, ErrorResult& aRv) const {
// Only the first item is valid for clipboard events
diff --git a/dom/events/DataTransfer.h b/dom/events/DataTransfer.h
index 1d3305e..c086e02 100644
--- a/dom/events/DataTransfer.h
+++ b/dom/events/DataTransfer.h
@@ -40,6 +40,7 @@ class FileList;
class Promise;
template <typename T>
class Optional;
+class WindowContext;
#define NS_DATATRANSFER_IID \
{ \
@@ -257,6 +258,8 @@ class DataTransfer final : public nsISupports, public nsWrapperCache {
already_AddRefed<nsINode> GetMozSourceNode();
+ already_AddRefed<WindowContext> GetSourceWindowContext();
+
/*
* Integer version of dropEffect, set to one of the constants in
* nsIDragService.
diff --git a/dom/webidl/DataTransfer.webidl b/dom/webidl/DataTransfer.webidl
index f37bcf7..ac019a5 100644
--- a/dom/webidl/DataTransfer.webidl
+++ b/dom/webidl/DataTransfer.webidl
@@ -159,6 +159,13 @@ partial interface DataTransfer {
[UseCounter]
readonly attribute Node? mozSourceNode;
+ /**
+ * The window context that mouse was pressed over to begin the drag. For
+ * external drags, this will be null.
+ */
+ [ChromeOnly]
+ readonly attribute WindowContext? sourceWindowContext;
+
/**
* The URI spec of the triggering principal. This may be different than
* sourceNode's principal when sourceNode is xul:browser and the drag is
--
2.27.0

125
backport-CVE-2023-23602.patch Normal file
View File

@ -0,0 +1,125 @@
From 09cd706b37d396636546c8a402fe8ca7438716c4 Mon Sep 17 00:00:00 2001
From: s30028044 <sunhai10@huawei.com>
Date: Mon, 8 Apr 2024 20:02:38 +0800
Subject: [PATCH] CVE-2023-23602
---
dom/websocket/WebSocket.cpp | 39 ++++++++++++++++++++++++-------------
1 file changed, 25 insertions(+), 14 deletions(-)
diff --git a/dom/websocket/WebSocket.cpp b/dom/websocket/WebSocket.cpp
index caa60d9cd5..59aca1d227 100644
--- a/dom/websocket/WebSocket.cpp
+++ b/dom/websocket/WebSocket.cpp
@@ -120,7 +120,8 @@ class WebSocketImpl final : public nsIInterfaceRequestor,
bool IsTargetThread() const;
nsresult Init(JSContext* aCx, nsIPrincipal* aLoadingPrincipal,
- nsIPrincipal* aPrincipal, bool aIsServerSide,
+ nsIPrincipal* aPrincipal, const Maybe<ClientInfo>& aClientInfo,
+ nsICSPEventListener* aCSPEventListener, bool aIsServerSide,
const nsAString& aURL, nsTArray<nsString>& aProtocolArray,
const nsACString& aScriptFile, uint32_t aScriptLine,
uint32_t aScriptColumn);
@@ -979,6 +980,7 @@ class WebSocketMainThreadRunnable : public WorkerMainThreadRunnable {
class InitRunnable final : public WebSocketMainThreadRunnable {
public:
InitRunnable(WorkerPrivate* aWorkerPrivate, WebSocketImpl* aImpl,
+ const Maybe<mozilla::dom::ClientInfo>& aClientInfo,
bool aIsServerSide, const nsAString& aURL,
nsTArray<nsString>& aProtocolArray,
const nsACString& aScriptFile, uint32_t aScriptLine,
@@ -986,6 +988,7 @@ class InitRunnable final : public WebSocketMainThreadRunnable {
: WebSocketMainThreadRunnable(aWorkerPrivate,
NS_LITERAL_CSTRING("WebSocket :: init")),
mImpl(aImpl),
+ mClientInfo(aClientInfo),
mIsServerSide(aIsServerSide),
mURL(aURL),
mProtocolArray(aProtocolArray),
@@ -1015,10 +1018,10 @@ class InitRunnable final : public WebSocketMainThreadRunnable {
return true;
}
- mErrorCode =
- mImpl->Init(jsapi.cx(), mWorkerPrivate->GetPrincipal(),
- doc->NodePrincipal(), mIsServerSide, mURL, mProtocolArray,
- mScriptFile, mScriptLine, mScriptColumn);
+ mErrorCode = mImpl->Init(
+ jsapi.cx(), mWorkerPrivate->GetPrincipal(), doc->NodePrincipal(),
+ mClientInfo, mWorkerPrivate->CSPEventListener(), mIsServerSide, mURL,
+ mProtocolArray, mScriptFile, mScriptLine, mScriptColumn);
return true;
}
@@ -1028,7 +1031,8 @@ class InitRunnable final : public WebSocketMainThreadRunnable {
mErrorCode =
mImpl->Init(nullptr, mWorkerPrivate->GetPrincipal(),
- aTopLevelWorkerPrivate->GetPrincipal(), mIsServerSide, mURL,
+ aTopLevelWorkerPrivate->GetPrincipal(), mClientInfo,
+ mWorkerPrivate->CSPEventListener(), mIsServerSide, mURL,
mProtocolArray, mScriptFile, mScriptLine, mScriptColumn);
return true;
}
@@ -1036,6 +1040,7 @@ class InitRunnable final : public WebSocketMainThreadRunnable {
// Raw pointer. This worker runnable runs synchronously.
WebSocketImpl* mImpl;
+ Maybe<ClientInfo> mClientInfo;
bool mIsServerSide;
const nsAString& mURL;
nsTArray<nsString>& mProtocolArray;
@@ -1230,9 +1235,8 @@ already_AddRefed<WebSocket> WebSocket::ConstructorCommon(
}
aRv = webSocketImpl->Init(aGlobal.Context(), loadingPrincipal, principal,
- !!aTransportProvider, aUrl, protocolArray,
- EmptyCString(), 0, 0);
-
+ Nothing(), nullptr, !!aTransportProvider, aUrl,
+ protocolArray, ""_ns, 0, 0);
if (NS_WARN_IF(aRv.Failed())) {
return nullptr;
}
@@ -1256,8 +1260,9 @@ already_AddRefed<WebSocket> WebSocket::ConstructorCommon(
}
RefPtr<InitRunnable> runnable = new InitRunnable(
- workerPrivate, webSocketImpl, !!aTransportProvider, aUrl, protocolArray,
- nsDependentCString(file.get()), lineno, column);
+ workerPrivate, webSocketImpl,
+ workerPrivate->GlobalScope()->GetClientInfo(), !!aTransportProvider,
+ aUrl, protocolArray, nsDependentCString(file.get()), lineno, column);
runnable->Dispatch(Canceling, aRv);
if (NS_WARN_IF(aRv.Failed())) {
return nullptr;
@@ -1443,8 +1448,10 @@ void WebSocket::DisconnectFromOwner() {
//-----------------------------------------------------------------------------
nsresult WebSocketImpl::Init(JSContext* aCx, nsIPrincipal* aLoadingPrincipal,
- nsIPrincipal* aPrincipal, bool aIsServerSide,
- const nsAString& aURL,
+ nsIPrincipal* aPrincipal,
+ const Maybe<ClientInfo>& aClientInfo,
+ nsICSPEventListener* aCSPEventListener,
+ bool aIsServerSide, const nsAString& aURL,
nsTArray<nsString>& aProtocolArray,
const nsACString& aScriptFile,
uint32_t aScriptLine, uint32_t aScriptColumn) {
@@ -1537,7 +1544,11 @@ nsresult WebSocketImpl::Init(JSContext* aCx, nsIPrincipal* aLoadingPrincipal,
aPrincipal, // loading principal
aPrincipal, // triggering principal
originDoc, nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK,
- nsIContentPolicy::TYPE_WEBSOCKET);
+ nsIContentPolicy::TYPE_WEBSOCKET, aClientInfo);
+
+ if (aCSPEventListener) {
+ secCheckLoadInfo->SetCspEventListener(aCSPEventListener);
+ }
int16_t shouldLoad = nsIContentPolicy::ACCEPT;
rv = NS_CheckContentLoadPolicy(uri, secCheckLoadInfo, EmptyCString(),
--
2.27.0

38
copy-headers.patch Normal file
View File

@ -0,0 +1,38 @@
From 3b3c8e37cca418e07bdeceaf3a601805df28d925 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Franti=C5=A1ek=20Zatloukal?= <fzatlouk@redhat.com>
Date: Wed, 15 Jul 2020 08:27:39 +0200
Subject: [PATCH] build: Copy headers on install instead of symlinking
Patch by Philip Chimento ported forward to mozjs78
---
python/mozbuild/mozbuild/backend/recursivemake.py | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/python/mozbuild/mozbuild/backend/recursivemake.py b/python/mozbuild/mozbuild/backend/recursivemake.py
index e3fc8fe..bed5ae9 100644
--- a/python/mozbuild/mozbuild/backend/recursivemake.py
+++ b/python/mozbuild/mozbuild/backend/recursivemake.py
@@ -1457,9 +1457,9 @@ class RecursiveMakeBackend(MakeBackend):
raise Exception("Wildcards are only supported in the filename part"
" of srcdir-relative or absolute paths.")
- install_manifest.add_pattern_link(basepath, wild, path)
+ install_manifest.add_pattern_copy(basepath, wild, path)
else:
- install_manifest.add_pattern_link(f.srcdir, f, path)
+ install_manifest.add_pattern_copy(f.srcdir, f, path)
elif isinstance(f, AbsolutePath):
if not f.full_path.lower().endswith(('.dll', '.pdb', '.so')):
raise Exception("Absolute paths installed to FINAL_TARGET_FILES must"
@@ -1468,7 +1468,7 @@ class RecursiveMakeBackend(MakeBackend):
install_manifest.add_optional_exists(dest)
absolute_files.append(f.full_path)
else:
- install_manifest.add_link(f.full_path, dest)
+ install_manifest.add_copy(f.full_path, dest)
else:
install_manifest.add_optional_exists(dest)
objdir_files.append(self._pretty_path(f, backend_file))
--
2.26.2

61
emitter.patch Normal file
View File

@ -0,0 +1,61 @@
From d1d785c169345b81c76213f6dd9be32b4db60294 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Franti=C5=A1ek=20Zatloukal?= <fzatlouk@redhat.com>
Date: Wed, 15 Jul 2020 08:39:47 +0200
Subject: [PATCH] Build: allow LOCAL_INCLUDES paths with topsrcdir or topobjdir
---
python/mozbuild/mozbuild/frontend/emitter.py | 6 ------
.../mozbuild/test/frontend/test_emitter.py | 20 -------------------
2 files changed, 26 deletions(-)
diff --git a/python/mozbuild/mozbuild/frontend/emitter.py b/python/mozbuild/mozbuild/frontend/emitter.py
index 8d5ab8e..65c43ff 100644
--- a/python/mozbuild/mozbuild/frontend/emitter.py
+++ b/python/mozbuild/mozbuild/frontend/emitter.py
@@ -1239,12 +1239,6 @@ class TreeMetadataEmitter(LoggingMixin):
'is a filename, but a directory is required: %s '
'(resolved to %s)' % (local_include, full_path),
context)
- if (full_path == context.config.topsrcdir or
- full_path == context.config.topobjdir):
- raise SandboxValidationError(
- 'Path specified in LOCAL_INCLUDES '
- '(%s) resolves to the topsrcdir or topobjdir (%s), which is '
- 'not allowed' % (local_include, full_path), context)
include_obj = LocalInclude(context, local_include)
local_includes.append(include_obj.path.full_path)
yield include_obj
diff --git a/python/mozbuild/mozbuild/test/frontend/test_emitter.py b/python/mozbuild/mozbuild/test/frontend/test_emitter.py
index e8cbd81..d45ccee 100644
--- a/python/mozbuild/mozbuild/test/frontend/test_emitter.py
+++ b/python/mozbuild/mozbuild/test/frontend/test_emitter.py
@@ -1040,26 +1040,6 @@ class TestEmitterBasic(unittest.TestCase):
self.assertEqual(local_includes, expected)
- def test_local_includes_invalid(self):
- """Test that invalid LOCAL_INCLUDES are properly detected."""
- reader = self.reader('local_includes-invalid/srcdir')
-
- with six.assertRaisesRegex(
- self,
- SandboxValidationError,
- 'Path specified in LOCAL_INCLUDES.*resolves to the '
- 'topsrcdir or topobjdir'):
- self.read_topsrcdir(reader)
-
- reader = self.reader('local_includes-invalid/objdir')
-
- with six.assertRaisesRegex(
- self,
- SandboxValidationError,
- 'Path specified in LOCAL_INCLUDES.*resolves to the '
- 'topsrcdir or topobjdir'):
- self.read_topsrcdir(reader)
-
def test_local_includes_file(self):
"""Test that a filename can't be used in LOCAL_INCLUDES."""
reader = self.reader('local_includes-filename')
--
2.26.2

BIN
firefox-78.4.0esr.source.tar.xz Normal file
View File

Binary file not shown.

26
fix-soname.patch Normal file
View File

@ -0,0 +1,26 @@
From d21c7cb9343d8c495d987e71be0f35887574c820 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Franti=C5=A1ek=20Zatloukal?= <fzatlouk@redhat.com>
Date: Wed, 15 Jul 2020 08:21:47 +0200
Subject: [PATCH] Add soname switch to linker, regardless of Operating System
Fix backported from Debian: http://bugs.debian.org/746705
---
config/rules.mk | 2 ++
1 file changed, 2 insertions(+)
diff --git a/config/rules.mk b/config/rules.mk
index 3965c88..3f92f83 100644
--- a/config/rules.mk
+++ b/config/rules.mk
@@ -320,6 +320,8 @@ ifeq ($(OS_ARCH),GNU)
OS_CPPFLAGS += -DPATH_MAX=1024 -DMAXPATHLEN=1024
endif
+EXTRA_DSO_LDOPTS += -Wl,-soname,lib$(JS_LIBRARY_NAME).so.0
+
#
# MINGW32
#
--
2.26.2

34
icu_sources_data-Write-command-output-to-our-stderr.patch Normal file
View File

@ -0,0 +1,34 @@
From: Simon McVittie <smcv@debian.org>
Date: Mon, 9 Oct 2017 09:23:14 +0100
Subject: icu_sources_data: Write command output to our stderr
Saying "See output in /tmp/foobar" is all very well for a developer
build, but on a buildd our /tmp is going to get thrown away after
the build. Just log the usual way instead.
---
intl/icu_sources_data.py | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/intl/icu_sources_data.py b/intl/icu_sources_data.py
index 8cf9290..7d2d983 100644
--- a/intl/icu_sources_data.py
+++ b/intl/icu_sources_data.py
@@ -187,16 +187,13 @@
def try_run(name, command, cwd=None, **kwargs):
try:
- with tempfile.NamedTemporaryFile(prefix=name, delete=False) as f:
- subprocess.check_call(command, cwd=cwd, stdout=f,
- stderr=subprocess.STDOUT, **kwargs)
+ subprocess.check_call(command, cwd=cwd, stdout=sys.stderr,
+ stderr=subprocess.STDOUT, **kwargs)
except subprocess.CalledProcessError:
- print('''Error running "{}" in directory {}
- See output in {}'''.format(' '.join(command), cwd, f.name),
- file=sys.stderr)
+ print('''Error running "{}" in directory {}'''.format(' '.join(command), cwd),
+ file=sys.stderr)
return False
else:
- os.unlink(f.name)
return True

26
icu_sources_data.py-Decouple-from-Mozilla-build-system.patch Normal file
View File

@ -0,0 +1,26 @@
From: Simon McVittie <smcv@debian.org>
Date: Mon, 9 Oct 2017 09:22:12 +0100
Subject: icu_sources_data.py: Decouple from Mozilla build system
mozpack.path is a wrapper around os.path that normalizes path
separators on Windows, but on Unix we only have one path separator
so there's nothing to normalize. Avoid needing to import all of it.
---
intl/icu_sources_data.py | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/intl/icu_sources_data.py b/intl/icu_sources_data.py
index 98c0ccb..8cf9290 100644
--- a/intl/icu_sources_data.py
+++ b/intl/icu_sources_data.py
@@ -21,7 +21,9 @@
import sys
import tempfile
-from mozpack import path as mozpath
+# Close enough
+import os.path as mozpath
+mozpath.normsep = lambda p: p
# The following files have been determined to be dead/unused by a
# semi-automated analysis. You can just remove any of the files below

13
init_patch.patch Normal file
View File

@ -0,0 +1,13 @@
--- a/python/mozbuild/mozbuild/configure/__init__.py
+++ b/python/mozbuild/mozbuild/configure/__init__.py
@@ -473,8 +473,8 @@
msg = 'Unknown option: %s' % without_value
if self._help:
self._logger.warning(msg)
- else:
- raise InvalidOptionError(msg)
+ #else:
+ # raise InvalidOptionError(msg)
# Run the execution queue
for func, args in self._execution_queue:

145
mozjs78.spec Normal file
View File

@ -0,0 +1,145 @@
%global major 78
Name: mozjs%{major}
Version: 78.4.0
Release: 10
Summary: SpiderMonkey JavaScript library
License: MPLv2.0 and MPLv1.1 and BSD and GPLv2+ and GPLv3+ and LGPLv2+ and AFL and ASL 2.0
URL: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey
Source0: https://ftp.mozilla.org/pub/firefox/releases/%{version}esr/source/firefox-%{version}esr.source.tar.xz
# Patches from mozjs68, rebased for mozjs78:
Patch01: fix-soname.patch
Patch02: copy-headers.patch
Patch03: tests-increase-timeout.patch
Patch04: icu_sources_data.py-Decouple-from-Mozilla-build-system.patch
Patch05: icu_sources_data-Write-command-output-to-our-stderr.patch
# Build fixes - https://hg.mozilla.org/mozilla-central/rev/ca36a6c4f8a4a0ddaa033fdbe20836d87bbfb873
Patch06: emitter.patch
# Build fixes
Patch07: init_patch.patch
# TODO: Check with mozilla for cause of these fails and re-enable spidermonkey compile time checks if needed
Patch08: spidermonkey_checks_disable.patch
Patch09: Update-syn-and-proc-macro2-so-that-Firefox-can-build-on-Rust-nightly-again.patch
Patch10: Fix-build-with-rust-nightly.patch
Patch11: backport-CVE-2023-23599.patch
Patch12: backport-CVE-2023-23601.patch
Patch13: backport-CVE-2023-23602.patch
Patch14: CVE-2021-29946.patch
Patch15: CVE-2022-34481.patch
Patch16: CVE-2023-29532.patch
Patch17: CVE-2022-22740.patch
Patch18: CVE-2021-45960.patch
Patch19: CVE-2022-25235.patch
BuildRequires: autoconf213 cargo clang-devel gcc gcc-c++ perl-devel pkgconfig(libffi) pkgconfig(zlib)
BuildRequires: python3-devel python3-six readline-devel zip nasm llvm llvm-devel icu rust
%description
SpiderMonkey is the code-name for Mozilla Firefox's C++ implementation of
JavaScript. It is intended to be embedded in other applications
that provide host environments for JavaScript.
%package devel
Summary: Development files for %{name}
Requires: %{name}%{?_isa} = %{version}-%{release}
%description devel
The %{name}-devel package contains libraries and header files for
developing applications that use %{name}.
%package_help
%prep
%autosetup -p1 -n firefox-%{version}
cp LICENSE js/src/
rm -rf ../../modules/zlib
%build
pushd js/src
export CC=gcc
export CXX=g++
export RUSTFLAGS="-C embed-bitcode"
export CFLAGS="%{optflags}"
export CXXFLAGS="$CFLAGS"
export LINKFLAGS="%{?__global_ldflags}"
export PYTHON="%{__python3}"
autoconf-2.13
%configure \
--without-system-icu --with-system-zlib --disable-tests --disable-strip --with-intl-api \
--enable-readline --enable-shared-js --disable-optimize --enable-pie --disable-jemalloc
%make_build
popd
%install
pushd js/src
%make_install
# Fix permissions
chmod -x %{buildroot}%{_libdir}/pkgconfig/*.pc
# Remove unneeded files
rm %{buildroot}%{_bindir}/js%{major}-config
rm %{buildroot}%{_libdir}/libjs_static.ajs
# Rename library and create symlinks, following fix-soname.patch
mv %{buildroot}%{_libdir}/libmozjs-%{major}.so \
%{buildroot}%{_libdir}/libmozjs-%{major}.so.0.0.0
ln -s libmozjs-%{major}.so.0.0.0 %{buildroot}%{_libdir}/libmozjs-%{major}.so.0
ln -s libmozjs-%{major}.so.0 %{buildroot}%{_libdir}/libmozjs-%{major}.so
popd
%check
pushd js/src
PYTHONPATH=tests/lib %{__python3} tests/jstests.py -d -s -t 1800 --no-progress --wpt=disabled ../../js/src/dist/bin/js%{major}
PYTHONPATH=tests/lib %{__python3} jit-test/jit_test.py -s -t 1800 --no-progress ../../js/src/dist/bin/js%{major} basic
popd
%ldconfig_scriptlets
%files
%license LICENSE
%{_libdir}/libmozjs-%{major}.so.0*
%files devel
%{_bindir}/js%{major}
%{_libdir}/libmozjs-%{major}.so
%{_libdir}/pkgconfig/*.pc
%{_includedir}/mozjs-%{major}/
%files help
%doc js/src/README.html
%changelog
* Mon Jul 01 2024 lvfei <lvfei@kylinos.cn> - - 78.4.0-10
- Fix CVE-2022-25235 and CVE-2021-45960 Upstream information
* Mon Jun 24 2024 lvfei <lvfei@kylinos.cn> - - 78.4.0-9
- Fix CVE-2022-25235
* Thu Jun 13 2024 lvfei <lvfei@kylinos.cn> - - 78.4.0-8
- Fix CVE-2021-45960
* Thu Jun 13 2024 sunhai <sunhai10@huawei.com> - 78.4.0-7
- fix CVE-2022-22740
* Wed Jun 12 2024 technology208 <technology@208suo.com> - 78.4.0-6
- fix CVE-2023-29532
* Mon May 27 2024 lvfei <lvfei@kylinos.cn> - - 78.4.0-5
- Fix CVE-2022-34481
* Mon May 13 2024 lvfei <lvfei@kylinos.cn> - - 78.4.0-4
- fix CVE-2021-29946
* Mon Apr 08 2024 sunhai <sunhai10@huawei.com> - 78.4.0-3
- fix CVEs
* Tue May 11 2021 zhanzhimin <zhanzhimin@huawei.com> - 78.4.0-2
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:fix build error caused by rust
* Thu Nov 05 2020 chengguipeng <chengguipeng1@huawei.com> - 78.4.0-1
- Package init

5
mozjs78.yaml Normal file
View File

@ -0,0 +1,5 @@
version_control: NA
src_repo:
tag_prefix:
separator:
URL: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey

10
spidermonkey_checks_disable.patch Normal file
View File

@ -0,0 +1,10 @@
--- a/config/run_spidermonkey_checks.py
+++ b/config/run_spidermonkey_checks.py
@@ -11,5 +11,5 @@
for script in scripts:
retcode = subprocess.call(
[sys.executable, script], cwd=buildconfig.topsrcdir)
- if retcode != 0:
- raise Exception(script + " failed")
+ #if retcode != 0:
+ # raise Exception(script + " failed")

26
tests-increase-timeout.patch Normal file
View File

@ -0,0 +1,26 @@
From 9be85b155c6df0454c5faef9e850f572c99e3615 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Franti=C5=A1ek=20Zatloukal?= <fzatlouk@redhat.com>
Date: Wed, 15 Jul 2020 08:32:44 +0200
Subject: [PATCH] Increase the test timeout for slower buildds
Ported forward from Debian: https://bugs.debian.org/878284
---
js/src/Makefile.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/js/src/Makefile.in b/js/src/Makefile.in
index b86aeed..d68655a 100644
--- a/js/src/Makefile.in
+++ b/js/src/Makefile.in
@@ -53,7 +53,7 @@ check:: check-js-msg
check-jstests:
$(wildcard $(RUN_TEST_PROGRAM)) $(PYTHON3) -u $(srcdir)/tests/jstests.py \
- --no-progress --format=automation --timeout 300 \
+ --no-progress --format=automation --timeout 600 \
$(JSTESTS_EXTRA_ARGS) \
$(DIST)/bin/$(JS_SHELL_NAME)$(BIN_SUFFIX)
--
2.26.2